<?php require_once('../../Connections/Admin.php'); ?>

<?php 
	if(isset($_POST['pass1'])&&($_POST['compro']=="cambiar")){
		mysql_select_db($database_Admin, $Admin);
		$query = "UPDATE users SET pass ='".md5($_POST['pass1'])."' WHERE token='".$_POST['token']."'";
		mysql_query($query, $Admin);
		mysql_query("UPDATE users SET token='000000' WHERE pass ='".md5($_POST['pass1'])."'",$Admin);
		echo' 
	<script>function cambiarPass(){alert("Contraseña exitosamente cambiada.");}
	 cambiarPass();
    </script>
	<meta http-equiv="refresh" content="0;url=login.php">';	
	
	}else{
		echo' 
	<script>function errorToken(){alert("Acceso denegado.");}
	errorToken();
    </script>
	<meta http-equiv="refresh" content="0;url=index.php">';	
	}
?>